CRYPTO_SETTINGS structure (schannel.h)
Indicates disabled cryptographic settings.
Syntax
typedef struct _CRYPTO_SETTINGS {
eTlsAlgorithmUsage eAlgorithmUsage;
UNICODE_STRING strCngAlgId;
DWORD cChainingModes;
PUNICODE_STRING rgstrChainingModes;
DWORD dwMinBitLength;
DWORD dwMaxBitLength;
} CRYPTO_SETTINGS, *PCRYPTO_SETTINGS;
Members
eAlgorithmUsage
The algorithm being used as specified in the eTlsAlgorithmUsage enumeration.
| Value | Algorithm |
|---|---|
| TlsParametersCngAlgUsageKeyExchange | Key exchange algorithm. (e.g. RSA, ECDHE, DHE) |
| TlsParametersCngAlgUsageSignature | Signature algorithm. (e.g. RSA, DSA, ECDSA) |
| TlsParametersCngAlgUsageCipher | Encryption algorithm. (e.g. AES, DES, RC4) |
| TlsParametersCngAlgUsageDigest | Digest of cipher suite. (e.g. SHA1, SHA256, SHA384) |
| TlsParametersCngAlgUsageCertSig | Signature and/or hash used to sign certificate. (e.g. RSA, DSA, ECDSA, SHA1, SHA256) |
strCngAlgId
Cryptographic settings are ignored if the specified algorithm is not used by a supported, enabled cipher suite or an available credential.
cChainingModes
The count of entries in the rgstrChainingModes array.
Set to 0 if strCngAlgId does not have a chaining mode (e.g. BCRYPT_SHA384_ALGORITHM). It is an error to specify more than SCH_CRED_MAX_SUPPORTED_CHAINING_MODES.
rgstrChainingModes
An array of CNG chaining mode identifiers.
Set to NULL if strCngAlgId does not have a chaining mode (e.g. BCRYPT_SHA384_ALGORITHM).
dwMinBitLength
Minimum bit length for the specified CNG algorithm.
If 0, schannel uses system defaults. Set to 0 if the CNG algorithm implies bit length (e.g. BCRYPT_ECDH_P521_ALGORITHM).
dwMaxBitLength
Maximum bit length for the specified CNG algorithm.
If 0, schannel uses system defaults. Set to 0 if the CNG algorithm implies bit length (e.g. BCRYPT_ECDH_P521_ALGORITHM).
Requirements
| Minimum supported client | Windows 10 1809 [desktop apps only] |
| Minimum supported server | Windows Server 1809 [desktop apps only] |
| Header | schannel.h |